Complete.Org: Mailing Lists: Archives: discussion: August 2001:
[aclug-L] Re: Denied connections
Home

[aclug-L] Re: Denied connections

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: <discussion@xxxxxxxxx>
Subject: [aclug-L] Re: Denied connections
From: "John Alexander" <johnalexander@xxxxxxxxxxx>
Date: Sun, 26 Aug 2001 22:32:42 -0500
Reply-to: discussion@xxxxxxxxx

For ammunition with those who say Linux is so easy to break into: Do It.
Any reasonably maintained Unix system has bullet-proof security compared to
the analoguos M$ system. Any Linux boxes hit by Code Red? Didn't think so.

ja

-----Original Message-----
From: discussion-bounce@xxxxxxxxx [mailto:discussion-bounce@xxxxxxxxx]On
Behalf Of Ironrose
Sent: Sunday, August 26, 2001 6:41 PM
To: discussion@xxxxxxxxx
Subject: [aclug-L] Re: Denied connections



Greg House wrote:
Maybe we should have SSH for a topic and how to use it one of the ACLUG
meetings.  My Micorosoft friends are always telling me how INSECURE
Linux is and that Linux computers are so easy to hack into.  (I wonder
how they think they know that, have they tried?)  I need more amunition
to argue with them.  Right now, I just try to leave them alone.  I have
told them about my log files from my firewall.  I so glad that I have a
good firewall now. :-)

> On Sunday 26 August 2001 14:02, you wrote:
>
> > > A related question; What keeps someone from breaking in on one of the
> > > ports that is not denied by the firewall?
> > > bruce
> >
> > Essentially each connection opens a 'tunnel' to the outside and if the
> > packet is not sent as a response over one of these tunnels, it denys the
> > packet. Unless, you specifically allow access to say port 80 (forewared
to
> > another machine), then there might be some problems.
>
> The idea is that you keep whatever you run on those ports as secure as
> possible. If you run a web server, make sure your version of Apache (or
> whatever) is as up to date as possible to prevent any known
vulnerabilities
> from being exploited in it. If you don't run a websever, shut off port 80
> (http) in your firewall. Likewise with other services.
>
> Some services are inherently less secure, so you might want to substitute
a
> higher security replacement. For example, use ssh instead of telnet.
>
> Greg
> -- This is the discussion@xxxxxxxxx list.  To unsubscribe,
> visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi


-- This is the discussion@xxxxxxxxx list.  To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi


[Prev in Thread] Current Thread [Next in Thread]